The lawyers are coming for Sony, after it lost 101 million customers' information. (Source: David Pear)

Sony has thus far refused to clarify whether users' credit cards were stolen. Its statements suggest that as many as 10 million customers MAY have had their credit cards stolen. (Source: China Post)

Sony waited two days before informing the FBI of the breach and a full week before informing customers. Many customers are also distraught about their passwords, real names, and email addresses being stolen -- a combo which could give cybercriminals access to users' private online accounts. (Source: Hard Forums)

After two high profile data losses, company has recruited the FBI and a private firm to crack down

Sony
Corp. (6758) has been rocked in
recent weeks by a pair of high profile system intrusions. One intrusion caused
the outage of the company's Qriocity streaming media and PlayStation Network
(PSN) services, along with the loss
of 77 million customer records. A second intrusion at Sony Online
Entertainment lost
24 million additional customer records.

In an effort to clean up its act, Sony has hired privately held security firm
Data Forte to track down the cyber criminals. Data Forte is the brainchild
of a former special agent with the U.S. Naval Criminal
Investigative Service.

The Japanese electronics giant has also retained cyber-security detectives from
Guidance Software Inc. (GUID) and consultants from
Robert Half International Inc.'s (RHI) subsidiary Protiviti to
assist in the investigation and cleanup.

There is a bit of irony there, in that Robert Half was itself the victim of
customer data loss just
weeks ago. Robert Half contracted email service solutions firm
Epsilon to manage its client email database. Like many Epsilon customers,
it was shocked to hear that Epsilon's entire database of emails from various
client companies had been stolen.

The three investigating firms are working closely with U.S.
Federal Bureau of Investigations (FBI) to examine possible identity
theft or credit card fraud attempts from the individuals who stole the
information.

II. What's the Status?

One of the frustrating things about the entire incident is that Sony has been
extremely unclear about whether users' credit cards were stolen. In all
of its statements it adopted ambiguous legal language-esque passages, which
while not saying the cards numbers were stolen, also did not rule out the
possibility.

Initially, Sony was also very quiet about the breach itself, waiting a full
week before informing customers of its discovery and why the networks were
down. When it did finally inform them, it did offer them a great deal of
information about the breach itself (though it offered precious little
clarification on some of the most important points, like credit card loss).

Sony, whose Japanese executives have publicly apologized to customers, has also
been silent about its ongoing investigation.

Other security firms, though, who aren't involved firsthand, but reportedly
have knowledge of the situation, are speaking out. In an interview with Reuters, David
Baker, vice president of services with electronic security firm IOActive,
states, "It's a significant operation."

He said that he believes that Visa and MasterCard have hired their own
investigators to probe the incident as well. If true, this may indicate a
greater likelihood that credit card information was indeed lost.

In the letter he says he will call on the U.S.
Attorney General, Eric Holder, to probe whether or not Sony should be held
criminally or civilly liable for losing its customers personal information, including,
potentially, financial records.

He writes:

I would appreciate a direct and public answer detailing what the
company will do in the future to protect its consumers against breaches of
their personal and financial information.

Reportedly one thing Sen. Blumenthal and others are upset about is the report
that Sony waited two days after finding out about the breach before contacting
the FBI.

III. Legal Troubles Ahead for Sony?

Despite its efforts to turn the corner with its internal security and track
down the perpetrators of the breach, legal troubles may be looming for Sony, as
Sen. Blumenthal's comments might suggest.

The company has retained the services of Baker &
McKenzie, a law firm. Reportedly the move was designed to retain
services to help prosecute cyber-criminals involved in the break in.

However, it may also be designed to beef up Sony's legal defense against customers.

A Toronto law firm on Tuesday announced a $1B CD
($1.05B USD) class-action suit against Sony for breach of privacy, naming
a 21-year-old PlayStation user from Mississauga, Ontario, as the lead
plaintiff. Lawyers for McPhadden Samac Tuovi LLP, say that the
suit's requested damages would allow Sony's customers to purchase fraud
prevention and credit monitoring service for two years.

It is likely that similar class action lawsuits will pop up in the U.S. and the
European Union.

Many Sony customers are upset not only about the possible loss of their credit
card information, but also the loss of their usernames and passwords.
While hashed, it's possible that sophisticated hackers could reverse the
hash, giving them access to potentially millions of users Facebook, Gmail,
Twitter, and other accounts, given that they also have the users emails and
real names (which were reportedly unhashed and unencrypted).

Comments

Threshold

Username

Password

remember me

This article is over a month old, voting and posting comments is disabled

If only there was definitive proof that you were the rightful owner of a PS3 and your account got hacked....since its the account at jeopardy and not the PS3 hardware. Otherwise everyone , hacking victim or not, would turn in a PS3 for a shiney new 360 (under the assumption they are just upset at Sony and that's how they get back at them).

If I have to send my PS3 in to be crushed, are MS going to provide me with a BluRay player too? :o)

I have a feeling that this is the last straw for many of the PS faithful, and they will be paying MS for an xBox next time around. Sony are probably quite lucky that the next generation of consoles aren't just about to be launched.

I stuck with SONY and the PS this time around, after having bought PlayStations since the PS one, and an original xBox too. I had an xBox 360 but sold it, with the RRoD issue being a factor, as well as cost of owning 2 consoles when I don't really get the time to play one.

Reasons to stick with Sony are dwndling. They have lost exclusives like Metal Gear Solid, while MS have some good games on their exclusive listt that I've played on friends 360s. Gran Tourismo was the other PS game that was in my thoughts at launch, so was one of the reasons why I went the PS route again this time, and the delays there have been very disappointing too. Then there's the otherOS issue and that Move seems pretty pointless to anyone who's played on or owned a Wii, Kinect seems to offer a whole lot more potential. So finally, there's the PSN, which isn't all that great and has been shown to be pretty poorly secured and some of my personal information is now in the hands of god knows who, and Sony don't really seem to know what's going on.

Next time around, my initial bias is going to be pro xBox, rather than pro PS. I think a lot of Play Station owners are going to feel the same way too, and MS wont have to do a single thing to win over console customers, Sony have done all the work for them, and crushed a free PS4 sales already.

Only the technologically impaired care about blueray. Virtual media has been the future for a long time now. You can easily download any 1080P film from the net (even without piracy), or you can download blueray rips. Blueray was to late in a media less environment, even streaming services offer 1080P with surround sound movies now. Everything I watch is streamed from a service, or downloaded and placed on my server so that my XBMC can pick it up and stream it to my TV in full 1080P with full lossless surround sound...

quote: Virtual media has been the future for a long time now. You can easily download any 1080P film from the net (even without piracy), or you can download blueray rips.

Erm, no you can't, at least, not for a lot of people, including me. Not unless I could get everyone in my home (and probably neighbourhood) to stop using their connection, and wait for a pretty long time. If everywhere had a good cable/fibre connection then I might agree with your condescending comment.

Also, in defence of the technologically impaired, who like to have a physical copy of their media... Who is getting the best use out of their PSP at the moment? The technologically impaired people who have an old fangled version that uses physical media, or the bright new clever people who have a PSP GO who just want to download their games from the PSN? Erm...

In 5 or 10 years time, your conceited comment might have some weight. However, at the moment, neither the physical high-speed broadband infrastructure exists in enough places to make streaming/downloading remotely feasible for enough people, and as this attack on (the media giant) Sony demonstrates, the commercial, server side ability for even large global corporations that provides a consistent, reliable and secure service to customers (that they can trust) does not exist either.

Also, can I legally borrow your copy of a film that you've downloaded? It's easy enough to give and sell on my BD disk, how about your fancy download? I can easily and cheaply store my BD film in a cupboard or shelf, how about you? Need a little server setup do you? Have to keep that up and running and if it goes wrong? Fine for you maybe, but not for everyone who probably could set-up a media server, but don't have the inclination to do it.

BD might be the last great hurrah for physical media, but their are advantages to physical media, so it's definitely got a place now and is by no means too late to the party for the many many people, even those who are not technologically impaired.

Kudos to you though, we'e all very proud of you for downloading and streaming your media. Fingers crossed that you don't have any problems like those that Sony users are having, or problems with your network, both internally or externally when you fancy watching a film.

No you can't? Why and how you cant? Need your whole nieghbor hood to stop using interNet to be able to down load? Get higher bandwith inter net then.many site stream hd content. Of course with sony fan hd can only exsit on blue ray. I remeber when i bought my 60 gig ps3 and all the fanboys where going off about hd can only exist on blu ray.... So i proved this wrong by simply dowbloading a 1080p heavenly sword video off psn storing it on my sd and usb sFlash drive and played them off both storage meduims.I for know the well over 20 house holds dowb my street stream hd content. What ypu think the data ypur tv recives and data internet is so much diffrent? Hd hbo showtime discovery channel?Get real. And if you go on about unconpressed serousily any $399 laptop can play the highest compressed hd content perfectly fine. I have a sandy bridge 2360 paired with an ati 6700 series and it sure can uncompresse and play content from hdd , e-sata, usb on tree diffrent media players (vlc,divx,quicktime) flawlessly.Legally borrow not sure but you can stream it from number of sites. Youtube, hulu, net flix, sony, discovery network, and on and on. And as far as your lon time to dowb load i rip blu ray movies all the time with true hd audio, english subs abd files sizes are only 2.5-6.8 gigs at 1080p , and 800-1.9 720p. 2 terabyte hdds are cheap as hell 65$ sales and reg prices of 70-99$.And blu ray is the what you say ?"BD might be the last great hurrah for physical media, but their are advantages to physical media, so it's definitely got a place now and is by no means too late to the party for the many many people, even those who are not technologically impaired.".Industry uses hollgrapic versrial disk 3.9 terabytes per disk same form factor as your cd,dvd,blu ray.Most poeple only can truely use 720p quitly regardless of there display being capable of higher reslutions due to fact of lost quility from phsical screen size. Unless you are projecting a 10 foot by 6 foot projection the diffrences of 720-1080 is barely noticeable. Compters can go 5 megapixiel now. Move on with the times...

Quick, get to the UN and solve world peace with that amazing intellect of yours that can cut through problems so easily.

*sighs*

I'm not sure if you are being factitious, or intentionally obtuse, but the very very very simple point is that not everywhere has the sort of infrastructure that you are talking about.

Really, I don't knwo how to make it any simpler for you to understand.

I get that HD content can be streamed or stored on a flash drive or hard disk, and I have never said that it is imposable, but the places the capability and broad band infrastructure exists where people can throw out there BluRay disks and download HD content (not even at the same quality), 24/7, without impairing what the rest of the household are doing, even assuming that only 1 person in the home wants to watch a HD movie at any one time, is very patchy and has nothing to do with how technological impaired someone is.

Like the person I replied to, I am so very happy that you live in a place where people can down load and stream HD content, BUT A LARGE NUMBER OF PEOPLE IN THE MOST WESTERN COUNTRIES CAN'T, EVEN IF THEY KNOW HOW TO AND WANT TO.

Honestly, I don't know what some of you guys are on at times.

And then why you have to go on about industry using some sort of holographic disk when we are clearly talking about home consumers just boggles my mind, but doesn't surprised me.

I buy a TV. I buy a Blu-Ray Player. I rent or buy Blu-Rays. I watch Movies and TV shows on Blu-Ray. Any time I want to watch something, I just put it in and hit play.

To watch media that is streamed or on a server.

I need a device that can stream media. Cable and Satellite charge too much for movies. I want to stream Netflix so my TV has to be compatible or I need a PC. I need to have a PC in my living room or long cables or I use a laptop with long cables or hook it up when I use it. If I use a server I have to set that up. I have to keep up on updates. If I want to watch my movie someplace else I need to be sure I can stream or download there or I have to transfer my media to a portable storage device to take where I am going. I need to know what format it can play in where I am going or I may need to be able to play it on a screen everyone can see. So I have to verify that where I am going has a TV hooked up to or can be hooked up to a laptop or computer. Any time I want to watch I need an internet connection.

The list is long of things that are more difficult. Don't get me wrong though. I am a Netflix customer and I love to stream but I also get my favorite action flicks on Blu-Ray. Something tech people lose site of is how our "easy" and "normal" is not everyone's "easy" and "normal". Logging in, setting up, streaming, searching, etc... is not easy for everyone. Plus some people just don't like to take the time. My wife is a Network Engineer and very smart but she prefers throwing a disc in, sitting down, and enjoying a movie. She does not want to mess with anything else. The kids will have it all figured out though and be use to it. Digital media will not be the norm for 10 years. Having Blu-Ray discs at that point will be like having records now. You don't listen to them all the time but it is really cool when you do.

On a side note: I have watched the same movie back to back on Blu-Ray then streamed and blu-Ray is better (sound and picture). Sure the difference is small if you don't do side by side but it is there. So if you really love movies and have a decent setup, streaming just does not quite satisfy.

Any normal broadband connection can stream or download HD content. As for the PSP GO, I agree with you, but could it be because people did not want a rehash of the PSP? Considering Steam is dominating the PC over physical media, and most software for the PC is downloaded and not installed from disk, MP3's have replaced CD's, ect. Also their are certain services that do allow you to lend your digital copy out, in time this won't even be necessary with services like netflix taking over the marketplace.

As for my server and network, they have never went down in 6 years (aside of electrical outages). My server is a lowly 700MHZ headless PC which in all honesty is overkill for what it is doing, look up freenas for the server OS. Also a lot of modern routers now have the ability to just plug in an external HDD and turn your router into a media server.

No, it can't. Sorry, but average speeds in many places are around 2 to 3 mbps when the going's good, and that's just not good enough, even assuming that only one person wants to watch any one stream or download something at any one time.

I'm not sure about Steam dominating physical media in PC gaming, but I feel that you might be exaggerating somewhat, not to mention that the PC game market is somewhat smaller than the home movie market in terms of units sold.

Your point about MP3s is a good one though. Back in the early days of napster (late '90s) people were using dial up, and some might have been making similar comments as you just have only referring to downloading music and that only those who use CDs are the technologically impaired. However, it took a long time until broadband connections came along to make it realistic for music downloads to replace the CD, and many people still prefer to have their physical disk for other reasons, such as those that I pointed out. Current ADSL broadband connections (which is what most people have, although things are slowly changing) are just not good enough for all your HD video needs I'm afraid, just as dial up wasn't good enough for all music downloads. On the odd occasion, perhaps, but not all the time as a matter of course. When speeds improve and become more stable, then I totally agree with you (and have never said that it wont be a distinct possibility that downloads will replace physical disks for many), but that's going to be a while I'm afraid.

To be clear, I'm not saying that what you have said will not be true sooner or later, just that at the moment, your claims are just plain wrong. If you live alone in a flat with a cable/fibre connection, then you can do what you say. If you live in the average household however, with an average ADSL line with many people using it at the same time, along with everyone else attached to our exchange downloading HD videos too (as everyone would be the technologically literate utopia, that does not have BlrRay disks), then streaming or downloading HD video files and watching them is not going to be quite as feasible as you seem to think.

It has little or nothing to do with how technologically savvy someone is.

As for you claiming not to have been condescending. When you make comments like "Only the technologically impaired care about blueray", then I'm sorry to be the one to break it to you, but you are being condescending. Maybe you talk to people like this all the time and someone should have pointed this out to you in the past? I honestly can't say.